Cloud Cybersecurity Systems Administrator

The National Security Division at Leidos has an opening for a Cloud Cybersecurity Systems Administrator supporting an Air Force & Navy Mission Planning program.  This position will help manage a Next-generation Continuous Integration/Continuous Deployment (CI/CD) pipeline supporting 40+ developer teams across cutting-edge technology stacks.  This position will be part of a team of engineers working in a DevSecOps environment, enabling rapid software development solutions while providing guidance on how to improve Air Force & Navy Mission Planning software.

Primary Responsibilities

The successful candidate will have a passion for maintaining the cybersecurity posture of complex IT systems, and will be eager to learn new technologies and enjoy overcoming the challenges of the unknown. Candidate will work in a peer-to-peer environment placing a high value on collaboration and team success. Day-to-day responsibilities will include implementation, maintenance, and troubleshooting of a complex and diverse cloud environment, to include:

• Providing Subject Matter Expertise for cloud Information Assurance on a variety of implementations

• Securing high-availability systems via industry/DOD standards and best practices

• Configuring & securing Azure/AWS cloud resources for build, release & deployment pipelines

• Supporting an enterprise CI/CD environment with multiple servers, operating sys and applications

• Deploying, reviewing, patching & testing systems for adherence to build & security requirements

• Resolving tickets and problem reports on specific technologies and hardware/software components, including COTS/GOTS products, from the system level to individual hardware/software components

• Building and maintaining scripts for automation of tasks and server maintenance

• Creating and maintaining accurate maintenance documentation for systems

Basic Qualifications

• U.S. Citizenship (no dual citizenship) & ability to obtain and maintain a DoD Secret Level Security Clearance

• Bachelors degree in Information Technology/Computer Science or a closely related field. Additional years of relevant experience will be considered in lieu of degree.

• Ability to obtain a Security+ certification or minimum equivalent (DoD 8570 Compliant)

• 4+ years of Windows & Linux sys administration with 2+ years in an Azure/AWS cloud environment

• Experience applying/debugging STIG settings/conflicts in Windows/Linux servers and hosted apps

• Ability to acquire Microsoft Azure, RHEL, Windows Server, and/or SQL Server certification(s)

• Experience interpreting scanning tool outputs (Nessus, SCAP, Evaluate STIG, etc.) and remediating findings

• Experience with system troubleshooting tools like top, iostat, vmstat, netstat, lvm, fdisk

• Strong understanding of networking concepts such as OSI Model, LAN/WAN, IPv4/IPv6, subnetting, VLANs, edge services & point-to-point VPN setup within cloud environments

• Experience working with identity management & authentication tools such as LDAP, SAML, and PKI

Preferred Qualifications

• Hands-on experience with Configuration Management tools such as Ansible, Chef, or Puppet

• Hands-on experience with Trellix/McAfee ePO and product suite

• Hands-on configuration and experience with SIEM tools (e.g., Splunk, Azure Log Analytics, QRadar, LogRhythm)

• Hands-on experience with Microsoft Active Directory (i.e., OU creation, Schema Changes, Security Groups)

• Hands-on experience with Microsoft Group Policy (i.e., Creating GPOs, GPO inheritance, Security Filtering)

• Virtualization experience (VMware vCenter, ESXi, KVM, Hyper-V)

• Experience with Docker container technologies and Docker container deployment technologies, such as Terraform, Kubernetes, OpenShift, Helm, EKS, AKS

• Experience supporting Jenkins pipeline code building and analysis tools

• Coding and/or scripting experience using Python, Powershell, Bash, or other tools

• Atlassian Tools Suite experience (Bitbucket, Confluence, JIRA)

• Experience managing web servers such as IIS and Tomcat

• Familiarity with F5 BIG-IP Authentication and SAML IdP/SP

• Intermediate knowledge of MS SQL, PostgreSQL, and MySQL

• Experience in designing and implementing VNet/VLAN ports, protocols and services settings to restrict communications across Cloud-native virtual networking boundaries

• Experience managing projects and processes to achieve enterprise business improvement objectives

• Experience hardening API Gateway and API Endpoints

• Experience with backup and recovery of IT infrastructure

• Experience as an Information Systems Security Officer or Engineer (ISSO or ISSE)

• Experience managing, interpreting, and updating Plans of Action and Milestones (POA&Ms)

• Experience developing cybersecurity policy related to cloud environments

• Experience applying STIGs to containers

Original Posting Date:

While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.